you need to be more specific on what you mean by multi tenancy - on what level, execution, design, etc. It's all driven by requirements and there is no general multi tenancy guide available as it really depends on your goals.
My requirement is we have a system where it have multiple tenants. When each tenant login, it should show only tenant related repositories, projects , business process, process definitions , process instances and tasks.
And should not access to any of other tenants tasks and resources .
So can i consider Organizational Unit as a tenant ?
Thanks in Advance,
in this case when you run jbpm console (aka kie workbench) you can define security restrictions at following levels:
- repository using kie-config-cli tool
- project/kjar using deployment descriptor - note that kjar will inherit all roles defined for repository it was created in
What that gives you:
- design time, only users that belong to a roles defined for repository will see them
- runtime, only users that belong to given roles will see process definitions and instances
- tasks are already managed by task assignments so users will see tasks they are assigned to - either individual (users) assignments of group and again, here group is same as role in project and repository.
If you follow simple rule, assign roles/groups to repository, kjars and user tasks (within processes) then you will achieve multi tenancy that you described.
Thanks Maciej for quick response.
Will check it out and come back in case if we need any more help on the same.